Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Existing Users When Moving to Atlassian Access and SSO

Deleted user
February 22, 2020

My company currently has an organization setup for Atlassian we have about 357 users that have standard Atlassian credentials. Those 357 users have emails that are associated with our company domain, meaning when they login they use an email like this: <firstname_lastname>@companydomain.com. We are currently using Jira, Confluence, and Jira Service Desk. We are going to also be adding Bitbucket very soon.

We are looking to use Atlassian Access to leverage SSO using AzureAD as our identity provider. Based on reading the docs the steps to get these users to be managed by Atlassian Access are:

1. Verify our domain

2. Create the AzureAD application for Atlassian

3. Assign relevant users to the Atlassian application in AzureAD

4. Configure the SAML SSO to sync users from AzureAD

As we make this transition I want to ensure that we don't have any disruption for the users that will be managed from AzureAD. I have a few questions about how this will work and what the experience will be for the existing users.

My questions are:

1. Once we verify our domain then any users with an email of @companydomain.com will be considered managed users, but until we enable SAML they will be able to continue logging in using their already provisioned Atlassian credentials. Is this correct?

2. If we add all existing users on @companydomain.com to the Atlassian application in AzureAD, then they will be able to login to Atlassian using their AD credentials. Is this correct?

3. Once the users are being managed through AzureAD via SAML will they be assigned to all the same groups and applications in Atlassian that they were before? Or do we have to re-assign groups and access after they are being managed through AzureAD?

ex) john_doe@companydomain.com currently logs in using Atlassian credentials and has access to various projects in Jira and has access to confluence. Once we switch over to AzureAD and john_doe@companydomain.com logs in using AD credentials will john_doe@companydomain.com continue to have access to everything he had access to before without any extra administrative steps?

4. Will all the user mentions for a user still be relevant and intact once we switch them over to Azure AD?

5. If something goes wrong and we need to turn SAML and SSO off will all users be able to continue using their Atlassian credentials as they did before?

6. Any user that has a login email that is not on our company domain for example: jane_doe@someothercompany.com will be able to continue  using their Atlassian credentials. Is this correct?

Thanks in advance for any assistance. 

 

 

Answer
Watch
Like # people like this
7862 views

1 answer

0 votes
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 1, 2021

Hello @Ahmed Attia,

Welcome to Atlassian Community!

Checking the details of your site, I can see that you are the Org admin and also the main billing and technical contact. 

I don’t see any other Cloud site linked to your email address, so I believe you resolved the issue.

If you have any other questions regarding this matter, please let us know.

Kind regards,
Angélica

View More Comments
Ahmed Attia
Ahmed Attia
March 2, 2021

Thank you @Angélica Luz ,

I want to change the owner of the organization to another email not the administrator 

Like
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 3, 2021

Hi @Ahmed Attia,

I’m not sure I understood correctly.

You are the only Org administrator, would you like to change your email address to another domain?

Please, give us more information about what you meant by the owner of the organization, because if you are talking about the site sxxxxx-nxxx.atlassian.net, you are the main billing contact, site administrator, and org administrator.

Like
Ahmed Attia
Ahmed Attia
March 3, 2021

Hi @Angélica Luz 

I have an account on jira  with an email of ---------->xxx@gmail.com  owner of organization -------> AAA

and another account on jira with email-------> yyy@gmail.com

I want to make the account of yyy@gmail.com to be the owner of (not just admin) of AAA Organization

Like
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 5, 2021

Thank you for the details, @Ahmed Attia.

In this case, you need to access Jira with xxx@gmail.com and go to Cog icon > User management and make sure the yyy@gmail.com is a site administrator.

After that, still using the account xxx@gmail.com on the User management, click on Settings > Administrators > Add administrators and select the yyy@gmail.com user.

Screen Shot 2021-03-05 at 10.54.18.png

Screen Shot 2021-03-05 at 10.56.03.png

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security